<?php

$error = "";

if( isset($_POST['login']) )
{
    $query = $db->query( 'SELECT * FROM users WHERE LOWER(name)="'.strtolower($_POST['login']).'" and password="'.$_POST['pass'].'"' );
    $res = $query->fetch();
    if( $query->rowCount() > 0 )
    {
        $_SESSION['user'] = $res['name'];
        $_SESSION['location'] = $res['location'];
        
        if( isset($_SESSION['basket']) )
        {
            next( $_SESSION['basket'] );
            header( 'Location: ./?restauracja='.key( $_SESSION['basket'] ) );
        }
        else
            header( 'Location: .' );
    }
    else
    {
        $error = '<div class="msg_error">Niepoprawny login lub hasło!</div>';
    }
}

if( isset($_GET['logout']) )
{
    session_destroy ( );
    header( 'Location: .' );
    
}

?>

<div class="container">
    <div id="main">
        <?php echo $error; ?>
        <form action="?page=login" method="post" id="loginform">
             <input type="submit" value="Wyślij"/>           
            <div>
             <label> Login </label>
                <input type="text" name="login"/>     
            </div>
            <div>
                <label> Hasło </label>
                <input type="password" name="pass"/>
            </div>
            
        </form>
    </div>
</div>